From 85990602c6fdb40489138e80080ca508200c7137 Mon Sep 17 00:00:00 2001 From: Mike Dalessio Date: Tue, 31 Dec 2024 22:03:13 -0500 Subject: [PATCH] version bump to v2.24.0 plus some documentation additions --- CHANGELOG.md | 11 +++++++++++ README.md | 17 +++++++++-------- lib/loofah/scrubbers.rb | 4 ++-- lib/loofah/version.rb | 2 +- 4 files changed, 23 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8c794c4..27c19e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,16 @@ # Changelog +## 2.24.0 / 2024-12-24 + +### Added + +* Built-in scrubber `:double_breakpoint` which sees `

` and wraps the surrounding content in `

` tags. #279, #284 @josecolella @torihuang + +### Improved + +* Built-in scrubber `:targetblank` now skips `a` tags whose `href` attribute is an anchor link. Previously, all `a` tags were modified to have `target='_blank'`. #291 @fnando + + ## 2.23.1 / 2024-10-25 ### Added diff --git a/README.md b/README.md index 69fb7b9..402724f 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,8 @@ Active Record extensions for HTML sanitization are available in the [`loofah-act * Add the _nofollow_ attribute to all hyperlinks. * Add the _target=\_blank_ attribute to all hyperlinks. * Remove _unprintable_ characters from text nodes. - * Modify _double breakpoints_ characters to paragraph nodes. +* Some specialized HTML transformations are also built-in: + * Where `

` exists inside a `p` tag, close the `p` and open a new one. * Format markup as plain text, with (or without) sensible whitespace handling around block elements. * Replace Rails's `strip_tags` and `sanitize` view helper methods. @@ -228,15 +229,15 @@ doc.scrub!(:whitewash) # removes unknown/unsafe/namespaced tags and their chi # and strips all node attributes ``` -Loofah also comes with some common transformation tasks: +Loofah also comes with built-in scrubers for some common transformation tasks: ``` ruby -doc.scrub!(:nofollow) # adds rel="nofollow" attribute to links -doc.scrub!(:noopener) # adds rel="noopener" attribute to links -doc.scrub!(:noreferrer) # adds rel="noreferrer" attribute to links -doc.scrub!(:unprintable) # removes unprintable characters from text nodes -doc.scrub!(:targetblank) # adds target="_blank" attribute to links -doc.scrub!(:double_breakpoint) # removes double breakpoints to paragraph nodes +doc.scrub!(:nofollow) # adds rel="nofollow" attribute to links +doc.scrub!(:noopener) # adds rel="noopener" attribute to links +doc.scrub!(:noreferrer) # adds rel="noreferrer" attribute to links +doc.scrub!(:unprintable) # removes unprintable characters from text nodes +doc.scrub!(:targetblank) # adds target="_blank" attribute to links +doc.scrub!(:double_breakpoint) # where `

` appears in a `p` tag, close the `p` and open a new one ``` See `Loofah::Scrubbers` for more details and example usage. diff --git a/lib/loofah/scrubbers.rb b/lib/loofah/scrubbers.rb index eb68546..e994240 100644 --- a/lib/loofah/scrubbers.rb +++ b/lib/loofah/scrubbers.rb @@ -355,8 +355,8 @@ def scrub(node) # # +:double_breakpoint+ replaces double-break tags with closing/opening paragraph tags. # - # double_breakpoint_markup = "

Some text here in a logical paragraph.

Some more text, apparently a second paragraph.

" - # Loofah.html5_fragment(messy_markup).scrub!(:double_breakpoint) + # markup = "

Some text here in a logical paragraph.

Some more text, apparently a second paragraph.

" + # Loofah.html5_fragment(markup).scrub!(:double_breakpoint) # => "

Some text here in a logical paragraph.

Some more text, apparently a second paragraph.

" # class DoubleBreakpoint < Scrubber diff --git a/lib/loofah/version.rb b/lib/loofah/version.rb index 73a83de..190fd9c 100644 --- a/lib/loofah/version.rb +++ b/lib/loofah/version.rb @@ -2,5 +2,5 @@ module Loofah # The version of Loofah you are using - VERSION = "2.23.1" + VERSION = "2.24.0" end